Jobs · Information Technology · North Carolina

Lead Information Security Architect

EverBank · Charlotte, NC · 1 wk ago
On-siteInformation Technology$122k–$165k/yrFull-time

About the role

The Lead Information Security Architect reviews information security architecture, ensuring consistent and effective information security administration procedures and processes. This role oversees security configuration and the installation of various servers, helps design security models, and crafts the overall IT vision within the organization.

Responsibilities

  • Reviews the design and development of security models, and establishes procedures and guidelines for hardware, software, and network security that support information security policies.
  • Oversees security awareness programs; educates and communicates to staff about information security policies, procedures, and practices.
  • Crafts the organizational technology vision and information security principles and standards to ensure the information security needs of the business are met.
  • Reviews and implements the design for security solutions and champions them through the architectural portions of the software development life cycle process.
  • Advises the selection decisions of security tools for use by various security teams and in the architecture review as the voice of security in the governance of the software development process as it relates to architectural elements.
  • Serves as an internal information security consultant on standards, complex issues, and best practices to the organization.
  • Coaches and delegates work to lower-level professionals to ensure high-quality and timely completion of projects while managing select projects and processes.

Requirements

  • 5 years of experience leading security architecture initiatives for an enterprise organization.
  • Prior experience designing, implementing, and managing security architecture standards to ensure compliance and reduce risk to the bank.
  • 7+ years of experience leading security architecture for a mid-large sized financial institution.
  • Advanced knowledge and understanding of cloud security concepts - Azure, AWS, GCP, etc.
  • One or more of the following certifications - CISSP, CCSP, TOGAF.

Qualifications

  • University (Degree) preferred.

Physical Requirements

Sedentary Work

Benefits

  • Medical, dental, vision & HSA/FSA
  • 401(k) savings
  • Paid holidays & generous PTO
  • Additional wellness & voluntary benefits
  • Tuition reimbursement
  • Commuter Benefits
  • Life and Disability Insurance

Additional Responsibilities

  • Own and lead security architecture as a 1st Line of Defense function, accountable for proactive risk identification, control design, and secure technology enablement.
  • Define, implement, and maintain enterprise security architecture across applications, infrastructure, cloud, data, identity, and third-party integrations.
  • Establish and enforce security architecture standards, patterns, and guardrails to ensure compliance with FFIEC, GLBA, SOX, and internal risk appetite.
  • Partner directly with engineering, product, and infrastructure teams to embed security-by-design and DevSecOps practices throughout the SDLCS.
  • Serve as the authoritative approver for security architecture reviews, threat models, and risk assessments for new initiatives and material changes.
  • Drive adoption of Zero Trust principles, IAM, network segmentation, encryption, key management, and data protection architectures.
  • Translate regulatory, risk, and business requirements into pragmatic, scalable security solutions that enable business outcomes.
  • Drive adoption of Zero Trust principles, IAM, network segmentation, encryption, key management, and data protection architectures.
  • Actively support incident response, vulnerability prioritization, and security event remediation by addressing systemic and architectural weaknesses.
  • Mentor and technically lead security engineers, acting as a force multiplier for security maturity across the organization.
  • Collaborate with 2nd Line (Risk/GRC) and Audit teams while retaining ownership for control implementation and effectiveness.

Similar jobs